CVE-2026-33632 ClearanceKit: opfilter policy bypass via exchangedata and clone operations

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...

ClearanceKit 安全漏洞

ClearanceKit is a macOS file system access control tool developed by Craig J. Bass. Versions of ClearanceKit prior to 4.2.4 contained security vulnerabilities; these vulnerabilities stemmed from the failure to intercept events of type ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE, which...

PT-2024-17538 · Feedbackwp · Rate My Post – Star Rating Plugin

Name of the Vulnerable Software and Affected Versions: Rate My Post – Star Rating Plugin by FeedbackWP versions up to, and including, 4.2.4 Description: The issue allows unauthenticated attackers to vote on unpublished scheduled posts due to missing validation on a user-controlled key in the get...

WordPress plugin MultiVendorX 授权问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An authorization issue...

CirCarLife Scada Unauthorized Upgrade Vulnerability

Circontrol CirCarLife Scada is a parking lot automation system from Circontrol, Spain. A security vulnerability exists in Circontrol CirCarLife Scada version 4.2.4. The vulnerability can be exploited to disclose sensitive information by sending requests to the html/upgrade.html and...

DEBIAN-CVE-2015-5732

Cross-site scripting XSS vulnerability in the form function in the WPNavMenuWidget class in wp-includes/default-widgets.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a widget title...